Lucene search
K

190 matches found

NVD
NVD
added 2026/06/29 10:16 p.m.8 views

CVE-2026-10647

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS0.00134EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/29 9:39 p.m.27 views

CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS0.00134EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/29 9:39 p.m.7 views

CVE-2026-10647

The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...

5.3CVSS6AI score0.00134EPSS
Exploits1References3Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: cdnsp: Fixed a deadlock issue in cdnspthreadirqhandler. The patch fixes the following critical issue caused by deadlock, which was detected during testing of the NCM class: - smp: csd: A non-responsive CSD lock 1 was...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/05/11 12:12 p.m.21 views

USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...

7.8CVSS5.9AI score0.00255EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/08 11:15 p.m.10 views

CVE-2026-43421

A flaw was found in the Linux kernel's USB gadget function for Network Control Model NCM. During device disconnection, a network device could outlive its parent gadget device, leading to dangling system file system sysfs links and null pointer dereference problems. This vulnerability can result i...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.13 views

EUVD-2026-28728

In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...

5.7AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/05/08 3:16 p.m.14 views

CVE-2026-43422

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00121EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.31 views

CVE-2026-43423

...

0.00091EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.10 views

CVE-2026-43422

Removed by vendor...

5.2AI score0.00121EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39083

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the legacy NCM driver within the gncm bind function. This issue arises because the driver attempts to access the net device before it is fully...

5.8AI score0.00121EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.8 views

Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture...

7.5CVSS5.8AI score0.02205EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/24 8:16 p.m.6 views

CVE-2026-31617

A flaw was found in the Linux kernel's USB Network Control Model NCM gadget driver. A malicious USB host could exploit an integer underflow vulnerability when processing Network Transfer Block NTB headers. This allows the host to manipulate internal data pointers, causing adjacent kernel memory t...

7CVSS5.1AI score0.00129EPSS
Exploits0References4
OSV
OSV
added 2026/04/06 9:40 p.m.14 views

USN-8145-3 linux-gcp, linux-gcp-4.15, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

7.8CVSS6.8AI score0.00244EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/03 6:22 p.m.6 views

CVE-2026-23447

A flaw was found in the USB CDC NCM Network Control Model driver in the Linux kernel. This vulnerability, a bounds-check bug, occurs when processing NCM Datagram Pointer NDP32 frames. It fails to correctly account for the ndpoffset, which can lead to out-of-bounds reads. This could result in...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/03/02 12:0 a.m.3 views

SDN-SYN PoW: Intent-Aware Adaptive SDN Defense with PoW against Multi-Domain SYN Floods

The stability of Internet services is persistently challenged by the escalating scale of volumetric TCP SYN floods, as conventional defenses like SYN Cookies fail by exacerbating bandwidth depletion under modern attacks. This paper introduces SDN-SYN PoW, a novel defense architecture that...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992790 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixe...

5.5CVSS6.2AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/16 3:30 p.m.6 views

EUVD-2025-203676

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: netcp: Standardize knavdmaopenchannel to return NULL on error Make knavdmaopenchannel consistently return NULL on error instead of ERRPTR. Currently the header include/linux/soc/ti/knavdma.h returns NULL when t...

5.9AI score0.00177EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989908)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989908 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: fix potential NULL ptr deref in ncmbitrate In Google internal bug 265639009...

5.5CVSS6.1AI score0.00241EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/10/08 9:21 a.m.5 views

USN-7811-1: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38618, CVE-2025-38477, CVE-2025-38617...

7.8CVSS7AI score0.00288EPSS
Exploits0
Rows per page
Query Builder